European Union: Published Report on Open RAN Security concerning the Cybersecurity of 5G networks

On 11 May 2022, the Member States of the EU, in collaboration with the European Commission, the European Union Agency for Cybersecurity (ENISA) and the EU Agency for Cybersecurity published a report on the "Cybersecurity of Open RAN". Open RAN is a type of 5G network architecture and the report analyses the opportunities and security challenges that are associated with it. To mitigate risks and leverage opportunities, the report suggests the following actions based on the EU 5G Toolbox: scrutinise and regulate large-scale Open RAN implementation plans from mobile operators; improve technical controls such as authentication and authorisation; operate risk assessments of Open RAN providers and connected infrastructures and providers; request exhaustive technical specifications in the employed international standards; include Open RAN components into the (under development) EU 5G cybersecurity certification scheme.